Ireland’s Data Protection Commission (DPC) has imposed a staggering €225 million fine on WhatsApp for breaching European Union’s (EU) data protection laws.
According to details, Ireland’s DPC had launched an investigation against WhatsApp three years ago after the company committed “serious” violations of the General Data Protection Regulation (GDPR), a landmark EU data protection and privacy framework enforced in 2018.It included information provided to users about the processing of information between WhatsApp and other Facebook-owned companies.Facebook Lied About WhatsApp & Misused User Data
In its 266-page ruling, the DPC revealed that WhatsApp only provided 41% of information to its users. Non-users – whose messages sent on other apps could be forwarded to the platform by WhatsApp users – were not provided any information, denying them the right to control their personal data.
Besides, WhatsApp committed four other “severe” infringements. The Facebook-owned messaging application failed
to process user data in a lawful, fair and transparent way.
to provide information on how data is collected “in a concise, transparent, intelligible and easily accessible form, using clear and plain language.
to inform users where their data was stored, details of someone they can contact, and purposes of collected data and who receives it.
to inform users when their personal data was obtained and processed from third parties and where this data came from.
PMC Clarifies Its Decision on Delay or Cancelation of MDCAT
The above-mentioned infringements affected thousands of people by violating their fundamental right to protect their data.
On the other hand, in an official statement, WhatsApp termed the €225 million penalty as “entirely disproportionate” and vowed to challenge the fine, adding that the company is committed to providing a secure and private service.
WhatsApp has always worked to ensure the information it provides to its users is transparent and comprehensive and it will continue to do so, the statement concluded.